Merge pull request #57113 from wwwtyro/rye/optional-kube-dns

Automatic merge from submit-queue (batch tested with PRs 56676, 57050, 54881, 56822, 57113). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>.

make kube-dns addon optional

**What this PR does / why we need it**: Makes the kube-dns addon optional so that users can deploy their own DNS solution.

**Release note**:
```release-note
Makes the kube-dns addon optional so that users can deploy their own DNS solution.
```

cluster/juju/layers/kubernetes-master/config.yaml

@@ -3,6 +3,10 @@ options:
     type: boolean
     default: True
     description: Deploy the Kubernetes Dashboard and Heapster addons
+  enable-kube-dns:
+    type: boolean
+    default: True
+    description: Deploy kube-dns addon
   dns_domain:
     type: string
     default: cluster.local

cluster/juju/layers/kubernetes-master/reactive/kubernetes_master.py

@@ -467,10 +467,10 @@ def etcd_data_change(etcd):
 @when('cdk-addons.configured')
 def send_cluster_dns_detail(kube_control):
     ''' Send cluster DNS info '''
-    # Note that the DNS server doesn't necessarily exist at this point. We know
+    enableKubeDNS = hookenv.config('enable-kube-dns')
-    # where we're going to put it, though, so let's send the info anyway.
+    dnsDomain = hookenv.config('dns_domain')
-    dns_ip = get_dns_ip()
+    dns_ip = None if not enableKubeDNS else get_dns_ip()
-    kube_control.set_dns(53, hookenv.config('dns_domain'), dns_ip)
+    kube_control.set_dns(53, dnsDomain, dns_ip, enableKubeDNS)
 
 
 @when('kube-control.connected')
@@ -592,11 +592,12 @@ def configure_cdk_addons():
     ''' Configure CDK addons '''
     remove_state('cdk-addons.configured')
     dbEnabled = str(hookenv.config('enable-dashboard-addons')).lower()
+    dnsEnabled = str(hookenv.config('enable-kube-dns')).lower()
     args = [
         'arch=' + arch(),
-        'dns-ip=' + get_dns_ip(),
         'dns-domain=' + hookenv.config('dns_domain'),
-        'enable-dashboard=' + dbEnabled
+        'enable-dashboard=' + dbEnabled,
+        'enable-kube-dns=' + dnsEnabled
     ]
     check_call(['snap', 'set', 'cdk-addons'] + args)
     if not addons_ready():
@@ -963,11 +964,10 @@ def create_kubeconfig(kubeconfig, server, ca, key=None, certificate=None,
 
 
 def get_dns_ip():
-    '''Get an IP address for the DNS server on the provided cidr.'''
+    cmd = "kubectl get service --namespace kube-system kube-dns --output json"
-    interface = ipaddress.IPv4Interface(service_cidr())
+    output = check_output(cmd, shell=True).decode()
-    # Add .10 at the end of the network
+    svc = json.loads(output)
-    ip = interface.network.network_address + 10
+    return svc['spec']['clusterIP']
-    return ip.exploded
 
 
 def get_kubernetes_service_ip():

cluster/juju/layers/kubernetes-worker/reactive/kubernetes_worker.py

@@ -545,7 +545,6 @@ def configure_kubelet(dns):
     kubelet_opts['v'] = '0'
     kubelet_opts['address'] = '0.0.0.0'
     kubelet_opts['port'] = '10250'
-    kubelet_opts['cluster-dns'] = dns['sdn-ip']
     kubelet_opts['cluster-domain'] = dns['domain']
     kubelet_opts['anonymous-auth'] = 'false'
     kubelet_opts['client-ca-file'] = ca_cert_path
@@ -554,6 +553,9 @@ def configure_kubelet(dns):
     kubelet_opts['logtostderr'] = 'true'
     kubelet_opts['fail-swap-on'] = 'false'
 
+    if (dns['enable-kube-dns']):
+        kubelet_opts['cluster-dns'] = dns['sdn-ip']
+
     privileged = is_state('kubernetes-worker.privileged')
     kubelet_opts['allow-privileged'] = 'true' if privileged else 'false'